Application Security Specialist, Developer Advocate
Zoomies help the world connect — and deliver happiness while doing it. We set out to build the best video conferencing product for the enterprise, and today help people communicate better with products like Zoom Phone, Zoom Rooms, Zoom Video Webinars, Zoom Apps, and OnZoom.
We’re problem-solvers and self-starters, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to dig deep into impactful projects that are changing the way people communicate, and enjoy opportunities to advance your career in a diverse, inclusive environment.
RESPONSIBILITIES
Responsible for complete functional testing of application submissions received from 3rd party developers for Zoom App Marketplace.
Verify the operation of the application against the expected functionality and deploy as per Zoom policies.
Generate completed functional testing result documentation and work with 3rd party developers to resolve discovered issues violating Zoom Marketplace policies and TOS.
Responsible for conception, execution, analysis, and documentation of all Zoom Marketplace application security and penetration tests to identify risks 3rd party developer applications impose upon Zoom.
Create test plans and identify application security vulnerabilities by running security tests on applications, networks, and software.
Devise solutions to resolve the weaknesses and mitigate any security risks for Zoom and Zoom customers.
Involved in the conception, development, and execution of code, scripts, and systems to automate security and penetration test cycles for Zoom to scale as a business.
Liaise with internal leadership in the strategic design process to translate security and business requirements into processes and tools.
Responsible for authoring, publishing, and maintaining official documentation, blog posts, and case studies regarding the functional testing, development, security, and best practices and techniques 3rd party developers can implement to improve their applications.
REQUIREMENTS
Previous experience (2+ years) as a software or security engineer
Experience with software and cloud security
Experience with cyber security frameworks and standards, including but not limited to NIST and ISO
Intimate understanding of Secure Network Communication protocols, including TCP/IP, DHCP, DNS, FTP, HTTP, and HTTPS
Experience with Authentication and Authorization, Public Key Infrastructures (PKIs), Certification Authorities (CAs), and Digital Signatures;
Experience with common web vulnerabilities (OWASP - Open Web Application Security Project);
Bonus Skills
Experience with FOSS Scanning, Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST); and
Experience with cyber-threat and cyber-risk analysis.
Explore Zoom:
Hear from our leadership team
Browse Awards and Employee Reviews on Comparably
Visit our Blog
Zoom with us!
Find us on social at the links below and on Instagram